com.xpn.xwiki.user.impl.LDAP
Class XWikiLDAPAuthServiceImpl

java.lang.Object
  extended by com.xpn.xwiki.user.impl.xwiki.AbstractXWikiAuthService
      extended by com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl
          extended by com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
All Implemented Interfaces:
XWikiAuthService

public class XWikiLDAPAuthServiceImpl
extends XWikiAuthServiceImpl

This class provides an authentication method that validates a user trough LDAP against a directory. It gives LDAP users access if they belong to a particular group, creates XWiki users if they have never logged in before and synchronizes membership to XWiki groups based on membership to LDAP groups.

Since:
1.3 M2
Version:
$Id: 5704d27f573a7c25d99e6b93b75738991e5e271c $

Field Summary
 
Fields inherited from class com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl
authenticators
 
Constructor Summary
XWikiLDAPAuthServiceImpl()
           
 
Method Summary
 Principal authenticate(String login, String password, XWikiContext context)
           
protected  String getValidXWikiUserName(String name)
           
protected  Principal ldapAuthenticate(String login, String password, XWikiContext context)
          Try both local and global ldap login and return Principal.
protected  Principal ldapAuthenticateInContext(String ldapUid, String validXWikiUserName, String password, XWikiContext context)
          Try LDAP login for given context and return Principal.
protected  Principal ldapAuthenticateInContext(String ldapUid, String validXWikiUserName, String password, XWikiContext context, boolean local)
          Try LDAP login for given context and return Principal.
protected  void syncGroupsMembership(String xwikiUserName, String ldapDn, boolean createuser, XWikiLDAPUtils ldapUtils, XWikiContext context)
          Synchronize user XWiki membership with it's LDAP membership.
protected  void syncGroupsMembership(String xwikiUserName, String userDN, Map<String,Set<String>> groupMappings, XWikiLDAPUtils ldapUtils, XWikiContext context)
          Synchronize user XWiki membership with it's LDAP membership.
protected  void syncUser(XWikiDocument userProfile, List<XWikiLDAPSearchAttribute> searchAttributeListIn, String ldapDn, String ldapUid, XWikiLDAPUtils ldapUtils, XWikiContext context)
          Update or create XWiki user base on LDAP.
protected  Principal xwikiAuthenticate(String ldapUid, String ldapPassword, XWikiContext context)
          Try both local and global DB login if trylocal is true Principal.
 
Methods inherited from class com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl
checkAuth, checkAuth, checkPassword, createUser, findUser, getAuthenticator, getParam, showLogin, stripContextPathFromURL
 
Methods inherited from class com.xpn.xwiki.user.impl.xwiki.AbstractXWikiAuthService
authenticateSuperAdmin, isSuperAdmin
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

XWikiLDAPAuthServiceImpl

public XWikiLDAPAuthServiceImpl()
Method Detail

authenticate

public Principal authenticate(String login,
                              String password,
                              XWikiContext context)
                       throws XWikiException
Specified by:
authenticate in interface XWikiAuthService
Overrides:
authenticate in class XWikiAuthServiceImpl
Returns:
a null Principal Object if the user hasn't been authenticated or a valid Principal Object if the user is correctly authenticated
Throws:
XWikiException

getValidXWikiUserName

protected String getValidXWikiUserName(String name)
Parameters:
name - the name to convert.
Returns:
a valid XWiki user name:
  • Remove '.'

ldapAuthenticate

protected Principal ldapAuthenticate(String login,
                                     String password,
                                     XWikiContext context)
Try both local and global ldap login and return Principal.

Parameters:
login - the name of the user to log in.
password - the password of the user to log in.
context - the XWiki context.
Returns:
the Principal.

xwikiAuthenticate

protected Principal xwikiAuthenticate(String ldapUid,
                                      String ldapPassword,
                                      XWikiContext context)
                               throws XWikiException
Try both local and global DB login if trylocal is true Principal.

Parameters:
ldapUid - the name of the user to log in.
ldapPassword - the password of the user to log in.
context - the XWiki context.
Returns:
the Principal.
Throws:
XWikiException - error when checking user name and password.

ldapAuthenticateInContext

protected Principal ldapAuthenticateInContext(String ldapUid,
                                              String validXWikiUserName,
                                              String password,
                                              XWikiContext context)
                                       throws XWikiException,
                                              UnsupportedEncodingException,
                                              com.novell.ldap.LDAPException
Try LDAP login for given context and return Principal.

Parameters:
ldapUid - the name of the ldap user to log in.
validXWikiUserName - the name of the XWiki user to log in.
password - the password of the user to log in.
context - the XWiki context.
Returns:
the Principal.
Throws:
XWikiException - error when login.
UnsupportedEncodingException - error when login.
com.novell.ldap.LDAPException - error when login.

ldapAuthenticateInContext

protected Principal ldapAuthenticateInContext(String ldapUid,
                                              String validXWikiUserName,
                                              String password,
                                              XWikiContext context,
                                              boolean local)
                                       throws XWikiException,
                                              UnsupportedEncodingException,
                                              com.novell.ldap.LDAPException
Try LDAP login for given context and return Principal.

Parameters:
ldapUid - the name of the ldap user to log in.
validXWikiUserName - the name of the XWiki user to log in.
password - the password of the user to log in.
context - the XWiki context.
local - indicate if it's a local authentication. Supposed to return a local user Principal (whithout the wiki name).
Returns:
the Principal.
Throws:
XWikiException - error when login.
UnsupportedEncodingException - error when login.
com.novell.ldap.LDAPException - error when login.

syncUser

protected void syncUser(XWikiDocument userProfile,
                        List<XWikiLDAPSearchAttribute> searchAttributeListIn,
                        String ldapDn,
                        String ldapUid,
                        XWikiLDAPUtils ldapUtils,
                        XWikiContext context)
                 throws XWikiException
Update or create XWiki user base on LDAP.

Parameters:
userProfile - the XWiki user profile page.
searchAttributeListIn - the attributes.
ldapDn - the LDAP user DN.
ldapUid - the uid of the user in LDAP
ldapUtils - the LDAP communication tool.
context - the XWiki context.
Throws:
XWikiException - error when updating or creating XWiki user.

syncGroupsMembership

protected void syncGroupsMembership(String xwikiUserName,
                                    String ldapDn,
                                    boolean createuser,
                                    XWikiLDAPUtils ldapUtils,
                                    XWikiContext context)
                             throws XWikiException
Synchronize user XWiki membership with it's LDAP membership.

Parameters:
xwikiUserName - the name of the user.
ldapDn - the LDAP DN of the user.
createuser - indicate if the user is created or updated.
ldapUtils - the LDAP communication tool.
context - the XWiki context.
Throws:
XWikiException - error when synchronizing user membership.

syncGroupsMembership

protected void syncGroupsMembership(String xwikiUserName,
                                    String userDN,
                                    Map<String,Set<String>> groupMappings,
                                    XWikiLDAPUtils ldapUtils,
                                    XWikiContext context)
                             throws XWikiException
Synchronize user XWiki membership with it's LDAP membership.

Parameters:
xwikiUserName - the name of the user.
userDN - the LDAP DN of the user.
groupMappings - the mapping between XWiki groups names and LDAP groups names.
ldapUtils - the LDAP communication tool.
context - the XWiki context.
Throws:
XWikiException - error when synchronizing user membership.


Copyright © 2004-2013 XWiki. All Rights Reserved.